At 5:02 PM +0200 6/27/05, Francis Dupont wrote:
pre-shared secrets are known to be weaker than certificates
That statement is false for many common uses of preshared secrets and certificates. A preshared secret with even 80 bits of randomness is stronger than most certificates used for authentication today. (See RFC 3766 for the math behind this.)
I remember a similar discussion about IKEv2 but in this case pre-shared secrets were kept for compatibility...
This is also false. The archives of the IPsec Working Group show that there were many other reasons for supporting preshared secrets, including many administrative scenarios.
The two authentication mechanisms have quite different properties and each is appropriate in many settings. Saying one or the other is "known to be weaker" without examining the context, particularly on a general-purpose mailing list, will not help increase the security of the Internet.
--Paul Hoffman, Director --VPN Consortium _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf